diff options
author | Eric Dumazet <edumazet@google.com> | 2018-01-24 17:16:09 -0800 |
---|---|---|
committer | Sasha Levin <alexander.levin@microsoft.com> | 2018-03-04 10:28:24 -0500 |
commit | 3779fc38796d5f62d43e9c5b92c165c6977fe119 (patch) | |
tree | f05bfe3df769b19357554d06f3817e6cffd94b86 /net/ipv4 | |
parent | 3ff2aade6674dff269732a54da158801afe43c3b (diff) |
netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
[ Upstream commit da17c73b6eb74aad3c3c0654394635675b623b3e ]
It looks like syzbot found its way into netfilter territory.
Issue here is that @name comes from user space and might
not be null terminated.
Out-of-bound reads happen, KASAN is not happy.
v2 added similar fix for xt_request_find_target(),
as Florian advised.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Diffstat (limited to 'net/ipv4')
0 files changed, 0 insertions, 0 deletions